Sr. Director, Global Security & Compliance
Apply NowCompany: JELD WEN Inc
Location: Charlotte, NC 28269
Description:
JELD-WEN is currently seeking a Sr. Director, Global Security & Compliance to join our growing team.
THE ROLE
As Sr. Director of Global Information Security & Compliance will be responsible for building, developing and managing the information security and compliance team for JELD-WEN and is also responsible for all aspects of information security including strategy, architecture, security policies, security initiatives, internal and external aud its and compliance efforts. This individual advises the senior management in the development, implementation and maintenance of a company wide information security infrastructure and services and ensures appropriate control objectives for system integrity, availability and reliability, confidentiality, accountability, and assurance within the context of company's risk tolerance. This role is also responsible for alignment and conformance with enterprise policy standards, which include monitoring metrics, response integration and escalation and various risk analysis. This role will report to the Chief Information Security Officer.
Principle Duties and Responsibilities
Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that integrity, confidentiality, and availability of information is owned, controlled, or processed by the organization.
Build and manage a strong cybersecurity organization able to keep pace with a rapidly evolving and demanding regulatory environment, diverse threat landscape and robust technology capabilities.
Demonstrate strong technical leadership, people management skills and analytical skills with thorough understanding of information security, development and successful problem definition, decomposition, estimation, and resolution.
Recommend, draft, and approve security policies, standards, and processes. Partner with cross functional teams to validate compliance with those policies, standards, and processes.
Develop and implement JELD-WEN's information security risk management and vulnerability management programs.
Create, communicate, and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants, and other service providers.
Manage and contain information security incidents and events that protect JELD -WEN's IT assets, intellectual property, regulated data, and the company's reputation.
Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
Develop strategies and plans to ensure timely and accurate restoration of JELD -WEN's critical infrastructure in the event of serious disruption.
Lead security training and awareness to ensure employees receive ongoing security training.
Develop a metric and reporting framework to measure the efficiency and effectiveness of the security program, facilitate appropriate resource allocation and increase the maturity of the security.
Build and maintain a central IT general controls framework mapped to industry with the best practices and regulatory requirements which defines the key IT controls that are performed across IT globally.
Conduct ongoing control assessments to validate compliance with policy, controls framework and compliance with regulations and standards.
Establish, maintain, and promote awareness of all IT policies for JELD-WEN.
Serve as the liaison between internal audit and the IT organization to assist coordinate audits, reviewing scope, reviewing reports and determine appropriate and relevant agreed actions.
Develop and manage information security budgets and monitor them for variances.
Perform related duties and fulfill responsibilities as required.
Knowledge, Skills, Abilities
Preferred: CISM or similar information security certificate (e.g., CISSP, CISA, CRISC, CEH)
Strong verbal and written communication skills.
Excellent presentation skills.
Experience in working with remote\ distributed project teams.
Proven project planning skills (organizational and time management).
High level of interpersonal skills - has ability to manage customer expectations.
Has demonstrated the ability to work with, lead, motivate and develop a team.
Experience with web-based applications and/or web services-based applications, APIs etc.
Education and Experience
Bachelor's Degree in computer science, information systems or related field.
Minimum 10 years of experience in a combination of risk management, information security and IT jobs. At least four must be in a senior leadership role.
Experience in the implementation and management of risk management programs and working knowledge of information security risk management frameworks such as ISO 27001, NIST, COBIT etc.
Demonstrated experience in delivering comprehensive solutions to complex security issues on a global scale.
Experience in financial, heath care or highly regulated industry.
#LI-LP1
About JELD-WEN Holding, Inc.
JELD-WEN Holding, Inc. (NYSE: JELD) is a leading global designer, manufacturer and distributor of high-performance interior and exterior doors, windows and related building products serving the new construction and repair and remodeling sectors. Based in Charlotte, North Carolina, the company operates across North America and Europe. Our associates are dedicated to bringing beauty and security to the spaces that touch our lives through our market-leading product brands across the world. The JELD-WEN family of brands includes JELD-WEN worldwide, LaCantina and VPI in North America, and Swedoor and DANA in Europe. For more information, visit corporate.JELD-WEN.com or follow LinkedIn.
JELD-WEN has been named by Forbes as one of 'America's Best Employers' and by Newsweek as one of the 'World's Most Trustworthy Companies'.
What We Offer
Investing in People is one of our Core Values, we strive to attract & retain great people! As such, JELD-WEN offers competitive compensation & benefits packages. As a global organization, specific benefits may vary, however typically including medical & dental, generous leave policies, retirement program, etc.
JELD-WEN is an equal employment opportunity employer and does not tolerate discrimination, harassment, and/or retaliation based on individuals' physical traits, beliefs, and/or other characteristics that are protected under applicable laws.
JELD-WEN does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services.
THE ROLE
As Sr. Director of Global Information Security & Compliance will be responsible for building, developing and managing the information security and compliance team for JELD-WEN and is also responsible for all aspects of information security including strategy, architecture, security policies, security initiatives, internal and external aud its and compliance efforts. This individual advises the senior management in the development, implementation and maintenance of a company wide information security infrastructure and services and ensures appropriate control objectives for system integrity, availability and reliability, confidentiality, accountability, and assurance within the context of company's risk tolerance. This role is also responsible for alignment and conformance with enterprise policy standards, which include monitoring metrics, response integration and escalation and various risk analysis. This role will report to the Chief Information Security Officer.
Principle Duties and Responsibilities
Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that integrity, confidentiality, and availability of information is owned, controlled, or processed by the organization.
Build and manage a strong cybersecurity organization able to keep pace with a rapidly evolving and demanding regulatory environment, diverse threat landscape and robust technology capabilities.
Demonstrate strong technical leadership, people management skills and analytical skills with thorough understanding of information security, development and successful problem definition, decomposition, estimation, and resolution.
Recommend, draft, and approve security policies, standards, and processes. Partner with cross functional teams to validate compliance with those policies, standards, and processes.
Develop and implement JELD-WEN's information security risk management and vulnerability management programs.
Create, communicate, and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants, and other service providers.
Manage and contain information security incidents and events that protect JELD -WEN's IT assets, intellectual property, regulated data, and the company's reputation.
Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
Develop strategies and plans to ensure timely and accurate restoration of JELD -WEN's critical infrastructure in the event of serious disruption.
Lead security training and awareness to ensure employees receive ongoing security training.
Develop a metric and reporting framework to measure the efficiency and effectiveness of the security program, facilitate appropriate resource allocation and increase the maturity of the security.
Build and maintain a central IT general controls framework mapped to industry with the best practices and regulatory requirements which defines the key IT controls that are performed across IT globally.
Conduct ongoing control assessments to validate compliance with policy, controls framework and compliance with regulations and standards.
Establish, maintain, and promote awareness of all IT policies for JELD-WEN.
Serve as the liaison between internal audit and the IT organization to assist coordinate audits, reviewing scope, reviewing reports and determine appropriate and relevant agreed actions.
Develop and manage information security budgets and monitor them for variances.
Perform related duties and fulfill responsibilities as required.
Knowledge, Skills, Abilities
Preferred: CISM or similar information security certificate (e.g., CISSP, CISA, CRISC, CEH)
Strong verbal and written communication skills.
Excellent presentation skills.
Experience in working with remote\ distributed project teams.
Proven project planning skills (organizational and time management).
High level of interpersonal skills - has ability to manage customer expectations.
Has demonstrated the ability to work with, lead, motivate and develop a team.
Experience with web-based applications and/or web services-based applications, APIs etc.
Education and Experience
Bachelor's Degree in computer science, information systems or related field.
Minimum 10 years of experience in a combination of risk management, information security and IT jobs. At least four must be in a senior leadership role.
Experience in the implementation and management of risk management programs and working knowledge of information security risk management frameworks such as ISO 27001, NIST, COBIT etc.
Demonstrated experience in delivering comprehensive solutions to complex security issues on a global scale.
Experience in financial, heath care or highly regulated industry.
#LI-LP1
About JELD-WEN Holding, Inc.
JELD-WEN Holding, Inc. (NYSE: JELD) is a leading global designer, manufacturer and distributor of high-performance interior and exterior doors, windows and related building products serving the new construction and repair and remodeling sectors. Based in Charlotte, North Carolina, the company operates across North America and Europe. Our associates are dedicated to bringing beauty and security to the spaces that touch our lives through our market-leading product brands across the world. The JELD-WEN family of brands includes JELD-WEN worldwide, LaCantina and VPI in North America, and Swedoor and DANA in Europe. For more information, visit corporate.JELD-WEN.com or follow LinkedIn.
JELD-WEN has been named by Forbes as one of 'America's Best Employers' and by Newsweek as one of the 'World's Most Trustworthy Companies'.
What We Offer
Investing in People is one of our Core Values, we strive to attract & retain great people! As such, JELD-WEN offers competitive compensation & benefits packages. As a global organization, specific benefits may vary, however typically including medical & dental, generous leave policies, retirement program, etc.
JELD-WEN is an equal employment opportunity employer and does not tolerate discrimination, harassment, and/or retaliation based on individuals' physical traits, beliefs, and/or other characteristics that are protected under applicable laws.
JELD-WEN does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services.